Who Is Selling My Data?

Lg_where-does-cc-data-go-stolen

by Ciphas

While I know this blog is primarily about the “dark web,” I think it’s easy to forget that the purpose of the dark web is privacy and anonymity (not sick stuff).

As I’d mentioned in my earlier post Is Your Password on the Dark Web? Maybe., it’s easy to unknowingly have your data stolen and, in some cases, passed around the dark web.

By the same token, there’s a good chance that advertisers have also mined and sold your personal data – be that your name, address, phone number, or something else. This article from Lifehacker, though it came out in 2013, has a list of some of the major companies that may have sold your data: The Top 50 Companies That Mine And Sell Your Data (and How to Opt Out).

If you want to skip that, the actual list is here: Master List of Data Broker Opt-Out Links. Click on any one of the links on this list to opt out of having your data sold.

opt_out_list

Of course, this is only one site, but it does seem to be very comprehensive, and covers a lot of the data broker sites. If you have time, I suggest going through each one and having your name removed, if necessary.

These are also good sites to take a look at, for the same reason:

CheckPeople.com

Pipl.com

Spokeo.com

Abine.com: How to Protect Your Data

Granted, if this sort of thing doesn’t matter to you, then don’t worry about it. The reason I mention it at all is that if you don’t want unscrupulous people to get hold of your personal information, it’s best to remove it, if at all possible.

I say this knowing that today is the social media age, where people constantly post selfies and videos of themselves doing who-knows-what, including pictures of themselves having sex. Which I would never do…really!

Anyhow, if this is something that concerns you, check these sites out. It may be creepy what you find.

peephole

 

 

 

Advertisements

Tor Social Network Update: Galaxy3

For those of you who were sad that Galaxy2 had disappeared, there is a new social network by the name of Galaxy3 at http://22dvf4xgaqa672b4.onion. There is also what appears to be a scam clone site at http://uwv7wslui5f4ukff.onion/, so I would avoid using that one if I were you.

galaxy3_groups

I’m sure many of the members of the previous social network are happy about this, although I was a little hesitant to join at first, given that there are so many clone sites (like the one above) out there.

So, I just joined about a week ago, and by all accounts, this site seems to be legit. No, really, it is!

bitcoin_doubler_scam

I recognize quite a few of the same folks who were on Galaxy2, which is a good indicator that it is the real thing.

Anyhow, Galaxy3 is quite similar: like its predecessors, it has a feature called “The Wire,” which is basically a news feed (like on Facebook or Twitter). And yes, anything you post to The Wire is public, so for newcomers – don’t post it if you don’t want others to see it!

What surprises me about it is that many of the Wire posts are the same types of things that people would say on Facebook, Tumblr, or other clearnet social media sites. I think I’ve addressed this on my earlier “dark web social network” posts.

It could be something as simple as, “Hey, what’s going on everybody?” Or I have noticed some people who appear to be trying to promote businesses and such. But as I said, the dark web has increased my level of paranoia tenfold; I tend to view anyone who is selling something with a degree of skepticism.

One other thing that I notice frequently is that people don’t shy away from posting about controversial topics here (and that goes for the dark web as a whole, not just Tor). Many of the social networks I’ve been a part of on Tor (and elsewhere) have included such things as gore, self-harm, drug use, and…um…unusual fetishes. Not that you can’t find that on the clearnet:

kink_forum_censored

If only they knew that my fetish was to collect Precious Moments dolls and dress them in leather outfits…

In all seriousness, vaguely remember someone asking who was into scat play, for example – which I’m sure you could find on the clearnet as well, if that’s what you’re into, but again, the keyword is “anonymity.”

Like your popular social media sites on the clearnet (Twitter, Tumblr, etc.), Galaxy3 also has a blog feature, which works quite similarly. All you do is click on the “Blogs” tab, and you’ll see a feed with the latest blog posts. From there, you can also add your own (well, yah, I could’ve told you that).

galaxy3_blog_censored

But again, what’s the difference between these blogs and the ones that you would find on the clearnet? Well, I noticed a lot of paranoid conspiracy theory stuff on there, plus there was some guy asking about the aforementioned kinky sex acts. See? The dark web’s not all “bad” – it has kinky sex!!

dark_web_dominatrix

Come to the dark web – we are kinky.

All in all, if you’re already interested in the dark web and have not checked out any of these social networks yet, Galaxy3 is one that I recommend. The people are pretty cool, and there aren’t any convoluted instructions for becoming a member.

Questions? Feel free to ask.

 

 

 

 

 

Exposing A Scam: V3RDAD

For the record: I don’t like scammers (who does?), but I have encountered many of them, especially on Tor and other darknets. I suppose that’s all par for the course.

My most recent scam encounter has been with a fellow who calls himself (or herself?) V3RDAD.

He has a profile on ask.fm, which is a question and answer site along the lines of Quora or Yahoo! Answers. On this profile, he links to a Tor hidden service at http://dafynex6ytjnpeo4.onion/ Fine – there’s nothing wrong with that, except that I find all of his answers to be sketchy in nature.

Here’s one example:

ask_fm_scam

In the screenshot above, someone asks “Why does taur node open a listening connection? My antivirus blocked it.”

His answer:

“Taur Node creates a listener to handle up-to-date information coming from the network itself. The only purpose of it is to display pop-up information about the network, like network status, node availability, login information, etc. Just disable your antivirus software before starting the node. If you are too paranoid about it, you can simply just kill it’s process after you are done / disconnected from the network and re-enable your antivirus again. Killing the process of the node will disable any incoming activity and kill the listener.. you will basically not be able to receive any information about the network anymore.”

OK – does that sound suspicious to anyone? He’s asking some random person to disable their antivirus program after the program blocked this so-called “taur” software. I realize that on occasion, antivirus programs will block software that isn’t malicious, but why should I trust you, V3RDAD?

The Tor hidden service that he links to is entitled “whoami,” and looks like this:

dafy_node_scam

The links with the purple text have various downloads, all of which (as I said before) look very sketchy. The operator of this site claims that you need the downloads to connect to a so-called “taur node” (in other words, nodes on his “private network”).

Again, this sounds like a scam to me. If you really want to try it (which I don’t recommend), use a virtual machine (e.g. Qubes or Tails) so that the file can’t potentially harm your computer.

If you look at some of his other answers, they also sound like bullshit:

Q. What is vbs0rkxc.dafy?

A. The answer to Level 7.

Um…OK, if you say so. If you’ve read any of my earlier posts (or RationalWiki, for that matter), you should know that there are no “deep web levels,” as intriguing as that might sound.

It’s possible that the same person may also have written this blog post, although I’m not sure: Darkfantasy Network. Why do I say this? It has a list of so-called “dafy links” (where have I heard that before?)

dafy_links

In addition, it has a list of “Nept Links,” “Life Links,” “Taur Links,” and “Elen Links,” accompanied by mysterious descriptions. Here are a few examples:

http://girogahary5arofeideidegivoly.nept/ – Dark Babylon City (hidden marketplace)

G94dkElc.dafy – Conspiration Forum

http://ekkhgiskagfrawahulatriaottyx.nept/ – How the Universe was Created

You get the idea. And to try to lend credence to his links, he throws in a few real ones, including ChaosVPN and Freenet. This isn’t the first time I’ve seen something like this. Remember The Shadow Web? (*cough cough*)

Anyhow, I don’t suggest downloading anything from these sites, as it may potentially harm your computer. And of course, don’t give this person any money. Want some real darknet links, though? Here:

http://rrbm3jiflz3euxhp.onion/wordpress/

http://zfq7tgxed245jpdz.onion/ – The Darknet Project 0ffSecurity

bdtq4shqkbb3yy7b.onion – DARKWEB LEGION (yes, that’s how they wrote it)

ZeroNet Links:

http://127.0.0.1:43110/kaffiene.bit/

127.0.0.1:43110/138R53t3ZW7KDfSfxVpWUsMXgwUnsDNXLP/

http://127.0.0.1:43110/zerochatrooms.bit/

Freenet Links:

http://localhost:8888/freenet:USK@tiYrPDh~fDeH5V7NZjpp~QuubaHwgks88iwlRXXLLWA,yboLMwX1dChz8fWKjmbdtl38HR5uiCOdIUT86ohUyRg,AQACAAE/nerdageddon/247/ – Nerdageddon

http://localhost:8888/USK@XJZAi25dd5y7lrxE3cHMmM-xZ-c-hlPpKLYeLC0YG5I,8XTbR1bd9RBXlX6j-OZNednsJ8Cl6EAeBBebC3jtMFU,AQACAAE/index/711/ – Enzo’s Index

http://localhost:8888/freenet:USK@2u8eFaTHrvLzeHeq9vXFV8wzivgTG1ExY6v1cM8Zblo,eDLofzubExKX5A8TK0SqdQb3jrI0fDlgw-iaxXUEHVQ,AQACAAE/ttipdocs/5/ – Greenpeace TTIP Leaks

http://localhost:8888/USK@1ORdIvjL2H1bZblJcP8hu2LjjKtVB-rVzp8mLty~5N4,8hL85otZBbq0geDsSKkBK4sKESL2SrNVecFZz9NxGVQ,AQACAAE/bluishcoder/21/ – Bluish Coder

I also recently found a site that maps the Hyperboria Network, which uses the cjdns protocol: fc00 – these I really haven’t checked out yet, so maybe you can fill me in!

I guarantee that these are all real links (although I can’t guarantee that the information on them is accurate). Check those out, and let me know if you find anything of interest. If you don’t, keep searching!

 

 

 

 

 

 

Tor Social Networks: Oct. 2017 Update

Who knew that socializing on the “dark web” would be such a popular topic? On my earlier post Fun with Dark Web Social Networking!!, someone mentioned that the beloved site Galaxy2 is no more, which I didn’t realize.

As some of my friends on IRC like to say, “rip” (all-lowercase intended.) Well, it’s Tor – what did you expect? Sites seem to go down and come back up again rather frequently.

In any case, you may be wondering about any alternatives that exist. I’m happy to report that one of the sites that I mentioned in the original post, Blackbook, is back up again. As before, you can find it at http://blkbook3fxhcsn3u.onion. It has a new, slightly more modern look, and seems to be functioning for the most part:

blackbook_homepage_censored

Like Facebook, it has a news feed, polls, forums, pages, etc. Because it’s Tor, though, you may find that the subject matter tends to differ a lot from that of Facebook. As has been my experience on some other Tor sites, a common question is, “How do I hack [insert social media site here]?” In fact, when I checked it today, someone was asking how to hack WhatsApp; maybe that will be the subject of a future post.

Also, as I remember from my previous membership, there are people advertising “hitman for hire” services and other sorts of financial offerings.

However, like before, it requires the use of JavaScript, and depending on whether you trust the site or not, this may be a good or bad thing. You can log into the site without enabling scripts, but some of its basic functions won’t work. For example, you won’t be able to leave comments, check your messages, etc.

I tend to be wary of Tor sites that require JavaScript, because of the potential for JavaScript exploits, such as Cross-Site Scripting (XSS), which I have encountered on other Tor hidden services in the past.

That aside, there’s another troubling aspect to this – Blackbook seems to be affiliated in some way with The Hidden Wiki, which many Tor users think of as their “introduction” to the dark web. The problem with this is that The Hidden Wiki is loaded with scam sites, and that makes sense, given that a lot of noobs visit it when they first venture onto the dark web.

Lo and behold – just like The Hidden Wiki, Blackbook has a number of ads for financial services of sorts on the dark web. While I haven’t tried them personally, they look sketchy to me, so I would avoid them if I were you. Anyhow, if all you really want to do is socialize, and maybe learn some things, you’re fine.

Meet Some Psychos

http://psycnets7z6tvqpa.onion

psycho_social

The other “social network” which I recently joined is called “Psycho Social Network,” and as its name implies, it seems to be geared toward people interested in dark things. Hopefully they’re not real psychos – well, it’s the dark web, so you never know.

It even features a shot of Patrick Bateman from the movie American Psycho, appropriately. (“Do you like Huey Lewis and the News?”) Given that it’s brand new, there don’t seem to be very many people active on it, although this could change.

Like Blackbook, it has at least one group dedicated to hacking and exploits. Some of the more unnerving groups, however, were called things like “Gore and Torture.” Don’t get me wrong – I love some gore as much as the next guy, but there’s LiveLeak for that.

So, if that’s what you’re into, you may want to check this one out. Heck, I’d be honored if I managed to attract a few people with this post!

In the meantime, I’m gonna leave – I have to return some videotapes.

 

 

 

Can You Access .Onion Sites Without Tor Browser?

by Ciphas

(Note: Thanks to Ben Tasker’s Security Blog and traudt.xyz for being references.)

Can you access .onion sites without the Tor Browser? Short answer? Yes, you can – but I don’t recommend it…I cannot stress this enough.

I’ve mentioned Tor2web proxies in a few previous posts, but didn’t elaborate on it much. onionto

In their own words, “Tor2web is a project to let Internet users access Tor Onion Services without using Tor Browser.” Tor2web and Web2Tor are reverse proxies which allow clearnet users (such as someone using Chrome, Firefox, etc.) to access Tor hidden services.

reverse_proxy

The proxy listens on port 80 (or sometimes 443) on a clearnet server, and then proxies requests to the Tor hidden service.

If you’re unfamiliar with proxy servers, Indiana University gives a great definition of one: What is a proxy server?  (Psst…I talked about this a little in my earlier post ‘Anonymous’ Proxy List?)

The example they use to illustrate on Tor2web.org is that when you see an onion URL, for example, http://pbfcec3cneb4c422.onion/, if you add “.to,” “.link,” “.cab,” etc. to the end of the URL (e.g. http://pbfcec3cneb4c422.onion.to), and that proxy will connect you to the onion service. Great, right?

Well, no – not great. In spite of its convenience, the problem with using these proxies is that whomever is operating the Tor2web proxy can spy on your web traffic. While this may not sound like a bad thing, if said proxy operator has malicious intent, then you (the user) are basically a sitting duck. Plus, if the point of Tor is being anonymous, and someone can detect your web traffic that defeats the whole purpose!

In fact, even onion.cab themselves – the proxy service, that is – warns users when they first try to access a site this way:

onion

If this doesn’t sound bad, then it should be noted that not only can the operator see your web traffic, but they can also modify it and inject code if they so desire.

Ben Tasker Security Blog has an excellent post about this called Don’t Use Web2Tor/Tor2web (especially Onion.cab) – the example he gives is that some Web2Tor services “have some pretty bad habits, including playing fast and loose with your privacy.”

If you visit  https://6zdgh5a5e6zpchdz.onion, but do so through onion.cab instead of through Tor, the proxy service injects piwik analytics code into the page, which looks something like this:

piwik_tracking

So why should you care? Well, the proxy service who injected the code now knows that your IP address accessed said onion service at a specific time. In addition, they’re also executing code on your browser that the operator of the original site is unaware of.

Within the code, some of the information that it can discover about you is:

  • The title of the page you’re viewing
  • An ID for the site
  • The time that you made the request
  • The exact URL you were looking at
  • The page that sent you to that URL
  • Details of which plugins you have installed
  • Whether cookies are enabled
  • Your screen resolution
  • A unique ID for you

Alternately, this third party operator can inject code into the site that may track you across hidden services – that is, if you’re using the onion.cab proxy.

You can even contract malware via some Tor2web proxies – read this article by Virus Bulletin – Vawtrak uses Tor2web to connect to Tor hidden C&C servers. Granted, this article is over two years old, but it can still give you an idea of what might happen if you rely on these proxies.

Thus, if your concern is privacy, it should be obvious why you don’t want to give this information away. The same goes for any proxy, really, but again, if you’re using Tor for anonymity, then accessing so-called “hidden services” via the clearnet is pointless.

I know that a lot of people who explore the “dark web” for fun just say, “Give me links!” But if you want to explore those links, do so in the right way – use the Tor Browser (from https://www.torproject.org/), and don’t try to do so via the clearnet.

There’s a reason it’s called the “dark web,” after all.

creepy_eyes

‘Anonymous’ Proxy List?

SPIDERMANLUCK.png

I forget exactly where I found this link – I think it was either Electronic Frontier Foundation or Privacy Tools  – but it’s a list of supposedly anonymous proxy servers, generated by a set of particular search engine terms:

+”:8080″ +”:3128″ +”:80″ filetype:txt

This returns results for lists of proxy servers that use ports 8080, 3128, and 80, which are apparently more anonymous than average proxies.

You’ll get different results if you use different search engines, too:

qwant.com: proxy list

Blackle.com: proxy list

For the curious, here are some of the actual results that you might get as well:

rebro.weebly.com: proxy list

Proxy Spider: short proxy list

kan339: proxy list

lategoodies.tripod.com: proxy list

h3furnitureoutlet: proxy list (yeah, a furniture outlet has a proxy list)

proxy IP list: anonymous

jobabroad.sweb.cz: proxy list

playinator.com: proxy list

Even so, as I mentioned in a few earlier posts, this all depends on whether you trust proxies at all. Which is why I haven’t used any of these, personally.

It’s similar to using a VPN in combination with Tor. Are you really anonymous when doing this? That depends on whether or not you trust your VPN provider! By the same token, it’s very risky to use certain proxies, unless you know what data the proxy server is collecting about you. Never mind the fact that .txt documents can contain malware (just as some PDFs on Tor do). Read Should You Trust Any Proxy? to find out a little more.

Regardless, it’s an interesting experiment to try Googling this, even if you don’t decide to use the proxy services themselves. Most of the sites look like this:

anonymous_proxy

While the idea of “anonymous proxy server” sounds great, in theory, they could be just like malicious Tor exit nodes – intending to steal data or worse.

So yes, these proxies exist. Should you use them? That’s up to you.

Call me paranoid, but personally, I wouldn’t.

 

Discontinued Darknets??

Given that privacy and anonymity are such a hot topic these days, there are many projects that various people and organizations are developing for just that reason. Several of these I’ve already mentioned multiple times, including Tor, I2P, Freenet, and ZeroNet.

Nonetheless, I find the defunct ones to be just as interesting, partly because some of them used different methods for disguising one’s identity. A few that I’ve had a chance to check out are:

  1. Osiris Serverless Portal System
  2. anoNet: Cooperative Chaos
  3. Umbra (by the Shadow Project)
  4. StealthNet

Some of these, in spite of no longer being developed, are still available for download, so you can check them if you’re just curious.

I thought I would give a brief explanation of each of these, and then let you explore on your own, if you wanted to find out more.

Osiris SPS

osiris

Osiris is a program used to create web portals that are distributed via P2P networking, and are not reliant on central servers (hence the name “serverless portal system”). Data on Osiris portals are shared between all participants. According to the Wikipedia article on Osiris, these are some of its key features:

  • The system is anonymous. It is not possible to make an association between a user and their IP address, hence one cannot trace the person who created a content.
  • Even with physical access to an Osiris installation it is impossible to trace the actual user without knowing his password.
  • 2048-bit digital keys guarantee the authenticity of content (digitally signed in order to prevent counterfeiting) and the confidentiality of private messages (encrypted between the sender and recipient).
  • To prevent the ISP from intercepting traffic, connections and data transfer to a portal (called alignment), Osiris uses random ports which are cloaked during handshake and encrypted point-to-point via 256-bit AES.
  • The P2P distribution allows content to be present in multiple copies as a guarantee of survival in case of hardware failure or nodes off-line.
  • As the portals are saved locally, one can read the contents even if one works off-line.

In some ways, Osiris is also like Freenet, in that it uses P2P distribution of content, has a reputations system, and uses cryptographic keys as identifiers.

Now, for those of you looking for creepy and disturbing stuff, I’ve never found any of that on Osiris. That wasn’t really my intention when I started using it. I was exploring other anonymity networks and software that I had yet to use.

The problem with Osiris is that it seems as though it’s no longer being developed, as I mentioned. Still, for the curious who just want to check it out, click the link above.

anoNet

anonet_6

anoNet was a Wide Area Network (WAN) created in 2005. Its creators were a few people who were tired of the surveillance and constant data collection that still takes place on the clearnet today.

As on Freenet or ZeroNet, they wanted it to have functions like social networking, messaging, email, and website publishing, but the ability to do all of these anonymously. The network used OpenVPN, tinc, Quagga, BIRD, and QuickTun. OpenVPN and QuickTun were used to quickly connect nodes to one another, while BIRD and Quagga were used to exchange routing information with others on the network, allowing all peers to connect to each other easily.

What I’m not entirely sure of is if you can still connect to the network at all, since various sources have listed it as defunct. It may be similar to Osiris, in that it isn’t actively being developed, but the software is still available.

Umbra

overview_wallet

Umbra, like Osiris, isn’t really defunct, but it isn’t being actively developed. It was a division of The Shadow Project, the creators of the ShadowCash cryptocurrency.

It could be used for anonymous chat, messaging, email, and hosting websites (much like Freenet or ZeroNet). I haven’t had the chance to use it yet myself, but I would enjoy just playing around with it, if for no other reason than learning…and fun!

StealthNet

stealthnet

StealthNet was an anonymous P2P filesharing network, based on an earlier model, called RShare. Like many other P2P networks, traffic was routed through other nodes in the network, helping to keep users anonymous.

For better or worse, this project, too, has been discontinued. If you’re just curious about it, however, it looks as though you can download the software. It’s unlikely that there will be many (if any) peers to connect to, which kind of defeats the purpose of a P2P network!

Anyhow…

Despite the fact that these networks have been discontinued, I expect that others like them are being developed right now, or will be in the future.

As I always say, if you’re a budding developer, why don’t you create one? It could eventually be something big!